143 comments

[ 3.3 ms ] story [ 212 ms ] thread
> To settle the SEC’s civil charges, Bonthu has agreed to a permanent injunction and to return his allegedly ill-gotten gains plus interest.

It doesn't seem very dissuasive to only have to return the ill-gotten gains for insider trading, as it makes the returns of such trading positive if not all insider traders are caught.

A permanent injunction is a pretty big deal. I didn't want to spend the time finding the actual court filing corresponding to this press release, but 99% of the time, a "permanent injunction" in this context means a lifetime ban from the sale or offering of securities. Not such a big deal for the average Joe Sixpack, but in tech, where we're often paid in RSUs, options, and grants, it's a huge deal. Plus, there's the felony criminal record that will dissuade employers that aren't publicly traded.
Isn't the settlement with SEC to avoid the criminal record? Besides it's supposed to be a civil charge by SEC.
You're right, my mistake. Insider trading can be charged criminally. To be precisely correct on this case, we'd need to read the plea filing. The defendant's name is also public record, so while a criminal record search may not ding him, a regular search engine query sure will. :)
Yes insider trading can be charged criminally, but there's no actual statute prohibiting it, surprisingly:

"For example, Section 16 of the Securities Exchange Act of 1934 requires the disgorgement of short-swing profits by named insiders—directors, officers, and 10% shareholders. The 1934 Act’s general antifraud provision, Section 10(b), is frequently used in the prosecution of insider traders. Although the statute does not specifically mention insider trading but, instead, forbids the use of “manipulative or deceptive” means in buying or selling securities, case law has made clear that insider trading is the type of fraud that is prohibited by Section 10(b)" (https://fas.org/sgp/crs/misc/RS21127.pdf, emphasis added)

In other words, everybody has just basically decided that insider trading is wrong and people should go to jail for doing it, and caselaw reflects that, but there's no actual statute in place anywhere.

One of the reasons that there is no particular statue for insider trading is that it's difficult to say who the person who insider trades harmed.
The person on the other side of the trade. This would be the person who wrote the puts in this case and the entity harmed is more than likely the market maker for Equifax. If he just shorted the traditional way by borrowing and selling the stock, then its hard to argue who he harmed.
Plus the other stockholders
There are plenty of victimless crimes on the statute books.

The dispute over who might be theoretically harmed by insider trading relates to the legal theories proposed by courts and the SEC to justify the prohibition. Who might be harmed is of particular concern, particularly in the criminal domain, because we're dealing with an agency-created rule, and the courts are more-or-less following common law methodologies for specifying and circumscribing the rule. The applicable common law domain is Torts, and in Tort law there needs to be a breach of a duty to someone. Only once you identify that person (or persons) can you understand the scope of the duty owed them and by whom.

The two competing theories are (1) that insider trading violates a fiduciary duty to the company from which the information came or (2) that insider trading violates a duty to the public at large, the so-called Fraud on the Market theory. The Fraud on the Market theory is what the SEC still clings to, but courts won't buy it because it's just too broad and doesn't really comport with established common law principles. An important self-constraint to fashioning non-statutory law is limiting oneself to extending pre-existing legal principles.

The legislature isn't constrained by arcane legal technicalities. Their only constraint is the Constitution, which doesn't necessarily require shoe-horning laws into theoretically consistent buckets. The Fraud on the Market theory is too distant from any pre-existing legal principle, too distant from the plaintext of the existing statutes[1], and so only the legislature should be allowed to explicitly promulgate such a rule.

[1] This is why we're talking about common law principles and not more recent administrative law principles. These days courts probably would never have allowed an administrative agency to invent something like insider trading, particularly as a crime, and so wouldn't have needed to make recourse to foundational common law principles. The courts accepted the prohibition prior to the modern development of administrative law.

Who was harmed when Billy grows, and smokes a joint of pot?

That hasn't stopped a crop of statues from springing up to deal with just that kind of behaviour.

Market manipulation is not a victimless crime. Money does not condense in the stock market from thin air, all of the realized funds are coming from a place and going to a place...

Confidence is a big factor, whenever someone manipulates the market they're shaving a few thousandths of a cent off of everyone's funds in stock exchanges by lowering the general public confidence in the stock exchange - and if that ever dips low enough all our futures could evaporate.

Realized gains is another big factor, the stock market is large and nebulous and terrible to try and understand, but money goes in whenever money comes out - when your stock goes from 10$ to 11$, good for you, have a party... but you haven't realized those gains yet - when you actually sell your stock there is a buyer buying them from you, often times you'll sell to a mutual or index fund which constantly allow market liquidity, when you do so your benefit is coming out of someone else's pocket. The idea is that the other person has made an informed decision with all the information available to both of you to take a certain level of risk - when you add in insider trading the information available becomes unequal and you are selling them a risk of quantity x and they're expecting to buy quantity y, where x > y, these damages end up (generally) being pretty wide spread, but they slightly lower the margins on your mutual fund return or index fund or what-have you.

Criminals love to minimize the impact of their crimes so don't buy into it here you wouldn't believe that a burgler that broke into your house to steal a broken TV should only be liable for the lock (or even that he saved you money in the disposal fee).

There are real consequences for insider trading and they are serious ones.

> Isn't the settlement with SEC to avoid the criminal record?

No. The SEC is a civil agency which brings civil actions. Settling with the SEC does not prohibit the DoJ, or any state enforcement agency, from bringing criminal charges.

OK, make sense, just found out on the SEC website. So there won't be a criminal record before DOJ or local AGs place charges.
Additionally, SEC can't bring criminal charges. That has to be done via the FBI.
The SEC stuff was a civil action. They are being charged criminally by the state. From the article:

> In a parallel proceeding, the U.S. Attorney’s Office for the Northern District of Georgia filed criminal charges against Bonthu.

A "permanent injunction" just means "I promise not to do it again and will get in more trouble next time if I do," not that he can't be paid in options in the future.
Right, but I guess technically if he exercises the options, he’d own stock he could never sell?

I know options are usually just cleared and pay out the difference if they’re in the money, but I don’t know if that’s how it’s seen legally.

"In a parallel proceeding, the U.S. Attorney’s Office for the Northern District of Georgia filed criminal charges against Bonthu" [1].

[1] this press release

Didn't Elizabeth Holmes make a similar civil settlement with the SEC before a different branch filed criminal charges?
This was a borderline case, because he didn't actually know definitely that they had had a breach. He only speculated based on being assigned a planning task for such a scenario.

This settlement reflects the uncertainty of legal proceeding.

More BS law enforcement theater from the SEC.

> Bonthu sold the put options and netted more than $75,000

WOW. 75K. Big fish there.

> According to the complaint, Bonthu was told the work was being done for an unnamed potential client, but based on information he received, he concluded that Equifax itself was the victim of the breach.

And the guy wasn't actually trading any insider info. He had info available to the general public and was smart enough to figure out the trade. Just like anyone else on wall street.

Would be hard to discover if he uses his wife or relative's accounts to trade, right?
Not at all. Friends and families cannot trade on material non-public information. The SEC takes these investigations very seriously and they tend not to miss friend/family tipping.
How do they know who's friends with whom?
> How do they know who's friends with whom?

After any corporate action, the SEC (and various other agencies) trace back through trade records to look for suspicious trades. Family members are a matter of public record. And friends are now announced on LinkedIn, Twitter, Facebook, et cetera.

Facebook, for one.

While the SEC can undertake the tedious process of clearing all individuals with knowledge of the breach, a more effective tactic would be to look at suspicious trades and investigate potential insider knowledge. In that method, SEC looks at unusual volume/patterns in options contracts and security sales. The SEC will comb through each suspicious security sale that occurred prior to the breach announcement and cross reference the account owner's information with their list of insiders. If they have reasonable suspicion that a crime occurred, investigators obtain a warrant and complete the picture with phone records, email accounts, Facebook info (if not already obtained via parallel construction), etc.

> Facebook, for one.

So let's say in theory you could add a great deal of people as friends (thousands even) and in that case it would be quite difficult for the FBI to run that down (as they say). Besides they would have to supoena records from Facebook at a certain point if the 'friend' was not someone they could easily determine just from a picture or limited contact info.

And don't even get into 'linkedin' that is filled with more people you don't really know or care about than any service.

Most likely they will just work the other way. Someone makes a trade and they then see if they are linked to anyone in anyway at the company.

the threat of perjury or threat of prosecution for lying to law enforcement.
Let's suppose Bonthu did in fact tell you in advance, and you acted on it. The SEC can see your trades, and you don't know if Bonthu has mentioned this conversation to someone else - in particular, you don't know if he told, or will tell, the SEC or FBI. What are you going to say when the FBI comes asking? If they can show you lied to them, you just made things a whole lot worse for yourself. Did you tell someone else? If they also acted, they may well face the same issue, and they might well choose full disclosure...
> If they can show you lied to them

Take the fifth?

IANAL, I would guess not answering is safer than lying, but it does not stop the investigation of you, and it does signal information. Obviously, the fifth is far from a stay out of jail card, if a case can be made from other peoples' testimony.
The SEC's interpretation of insider trading is far broader than what the courts have accepted as insider trading.

Corporate training courses tow the SEC line, but the outcomes of actual civil and criminal prosecutions would be far swifter and harsher if the law was as the SEC says.

In short, in some contexts friends and family absolutely can trade on material non-public information. In fact, in no case are they directly committing a crime; their liability is vicarious--it stems from some illegal behavior of the actual insider, which turns on more elements than the simple act of disclosing material, non-public information. If that illegal insider behavior is lacking then friends and family are no different than some random member of the public who caught an anonymous tip.[1]

Of course, as with anything illegal you have to factor in the risk of a jury wrongly convicting, especially when the legal elements so heavily rely on circumstantial evidence and even insinuation as with insider trading.

[1] If the SEC had their way then even trading on an anonymous tip would be illegal. Indeed, if the SEC had their way they could prosecute damn near anyone they wanted, at any time, because their legal theory is so ridiculously broad it would effectively shift the burden of proof onto the defendant.

You may be surprised... when I worked at a hedge fund, there is always an insider trading training and one of the examples of such cases involved relatives. The thing is that this scheme is so obvious and almost brain dead. Investigators will definitely look into friends and families when doing these investigations.
So we'll probably manage (hide) our social networks well, and make some good offline-only friends. I do know SEC can put burden of proof to the person they suspect, but that can be prepared beforehand.
> we'll probably manage (hide) our social networks well, and make some good offline-only friends

Or don't insider trade. In the financial crime universe, insider trading is on the stupid end of the spectrum. It's tough to do right, hard to scale and easy to get caught.

Or just get elected to Congress. Then it's open season.
Despite widespread belief to the contrary, members of Congress are not allowed to trade on information for which they are bound by either a confidentiality agreement or a fiduciary duty.

Information asymmetry does not constitute insider trading. Trading on information which you have that the broader public does not have is also not insider trading. Trading on exclusive information which you learned through professional exposure, and which does not come with confidentiality or fiduciary requirements, is not insider trading.

That's not really what congresspeople do. They have financial interests and then write and pass laws to make those interests more valuable. It's not insider trading, but its some next-level shit. And the best part is its out and in the open. We all see it happening right in front of us.
What you're describing is not the grey area I'm talking about that people frequently confuse with illegal insider trading. I'm referring to the way that people believe Congress is explicitly allowed to get away with things ordinary people are not. Post-2012, they are not, but their work still exposes them to information they can legally use depending on the circumstances. That does not constitute insider trading, even for a relatively overzealous SEC.
> members of Congress are not allowed to trade on information for which they are bound by either a confidentiality agreement or a fiduciary duty

Prior to 2012, Congress was actually explicitly permitted to insider trade. That was fixed by the STOCK Act [1]. It doesn't make it easy to pull up records, but it does close the loophole.

[1] https://www.npr.org/sections/itsallpolitics/2013/04/16/17749...

Yes, but I'm talking about the myth that gets perpetuated post-2012.
Yeah, try that and see how it goes. :)

Courts aren't stupid, and can generally see through collusion attempts, and would probably have a fairly easy time showing culpable intent if you try to trade through friends and/or family members.

Sure, but how do they get that money back to you? How do you spend it? Theft is a lot simpler if you don't spend your ill-gotten gains.
E.g. Sergei Roldugin (although in a country without functioning anti-corruption institutions)
This is why people get busted for insider trading so often. They thing obscuring the purchase slightly will get the SEC off their tracks. Nope.

Even if you had a long-lost friend do it, the big trigger is the purchase itself. Someone buys no options in the past 5 years, suddenly buys a ton of out-of-the-money call options 2 days before a merger. The SEC zeros in on that like a laser.

Then they look at who purchased it. Any connection to the company that acquired/was acquired? No? Do they know anyone who is? Let's get their phone records.

I also think the SEC knows they can't police every transaction, so the ones that are flagged get investigated hard, to make an example of them.

If you really wanted to obscured it, one way would be to have a trail of purchases such that the "big one" doesn't look out of place. However, that would mean you'd need to make a bunch of losing bets.

Yep, the options market is super transparent, so whenever a company announces something which causes a dramatic change in their stock price, you and I can immediately go look to see if somebody made the perfect trade on that and on what date, strike price, volume, etc.

Especially considering it was probably the biggest data breach news in history, you can bet the SEC went through and looked into every single trader that profited off that.

How about transactions made by non-residents, like people trading from outside US. They can transfer out the fund long before SEC can get to it and conclude the investigation.
ha hah aha no.

The regulatory system relies on leveraging financial institutions such as the brokers themselves to do the snitching.

So they may voluntarily freeze funds. But even if they don't there is another layer:

Administrative law judges.

These are employees at the federal agencies that are imbued with the power of the judicial branch and rubber stamp injunctions and "emergency asset freeze" orders from their bosses. And by boss I mean the private sector such as FINRA.

So typically the funds get frozen AND the SEC files charges against non-residents. They can get you in most places on the planet, and also wait till you go on vacation to most places on the planet.

that's only ability in theory. Besides I don't think SEC can "get you in most places on the planet". First they are only a civil agency and it would be a civil charge. Second, they cannot easily get you in most places, and they won't spend the effort and money to do that even if it becomes criminal charge.
they often co-file with the department of justice to get the criminal charges

secondly the indictments leverage financial institutions as well as other federal agencies to be notified when a person - even foreign - is in their grasp or has known whereabouts

SEC indictments are often pretty ballsy. I read one where they indicted people in Eastern Europe who only traded on a CFD exchange. CFD exchanges don't exist in the United States. But the SEC said the traders should have known that the CFD broker would have made actual trades in the US equities markets due to their actions so therefore they have to answer for it.

What became of that? Maybe nothing just like you said

I don’t think so. A colleague of mine got a call from the SEC because a cousin was trading shares in the company we work for during a blackout period. They barely even know each other, but it got flagged somehow.
Of all the people to end in jail, this minor guy is the one? He clearly is not some major criminal but small opportunist.
Getting hacked, even if you were negligent, is not yet really a crime.

Insider trading is.

I think it makes sense. The minor guy doesn't know how to avoid getting in trouble like the bigger guys probably do.
Google a thing called "Fallacy of relative privation." Large crimes do not excuse smaller ones.
I don't think that is what OP was saying at all.
Funny though, small crimes always seem to be used to distract and deflect from the fact that no on ever gets punished for the large ones.
I believe the GP is making reference to the Equifax executive that sold a lot of stock right before the announcement of the data breach.
I was really surprised to see this was getting so much attention when the amount of money he made was only $75,000.
The point of insider trading laws is to punish small-time defectors from the conspiracy of silence that corporations cultivate. In that way, the executive class may make information public at times of their choosing, so as to maximize their own gains. If the typical defendant were a wealthy politically-connected WASP senior VP, the crime would quickly cease to exist.
I would like to see sentencing (probationary or prison) for financial crimes correspond to the amount of time it would take the median American to earn the amount of illicit proceeds.

So if someone makes $5M illegally their penalty would be 5x greater than that of someone that made $1M illegally and both would vary in proportion to how many years of someone's life that represents.

I disagree with the notion that the penalty for white-collar crime should be strictly proportional to how good you are at that brand of crime.

In a world where people occasionally steal $100m, that implies a maximum sentence of ~1 year for stealing $1m.

I think you missed a big chunk of the OP's comment, if an average wage in the US is 60k then stealing 1m would be a sentence of 16 years 100m would be a 1600 year sentence by following the logic.

It would be nice from the perspective of reducing the incomprehensibility from white collar crimes that net hundreds of millions of dollars though I'd be concerned about false charges... well, I'm generally concerned about false charges so we just need to fix our justice system, then such a scaling might make good sense.

Just to briefly note, these crimes aren't victimless, people who pull these sorts of stunts are taking money out of someone's pocket, usually fraudulent stock maneuvers will end up negatively impacting retirement mutual funds, sometimes other white-collar crimes may be more impactful, prematurely issuing foreclosures deprives people of their household. In the former case the damage is spread around and less horrific feeling, but both are terrible.

There are many reasons for punishment, like retribution, deterrence, and rehabilitation. Your proposal sorta makes sense on the retribution angle, but is grossly excessive for rehabilitation and deterrence. On the deterrence side, once someone has racked up, say, 50 years, there is no reason to stop because they will not really get punished further.
Rehabilitation has not been a component of US sentencing policy for over 40 years.
Fair point - it is a theoretical rationale for punishment but not done in practice so I should have omitted it.
I think it's fair to idealistically include it, it is one of the three theoretical goals. I personally think deterrence is the most vital goal of punishment but I think modern society is just concerned with retribution... especially with our "It's easier to ask forgiveness than permission" philosophy of late.
Median wage (all occupations) appears to be $18/hr, so with a 40 hour week that puts the sentence somewhere around 110 years.
$5 million would be roughly 100 years. :)
Sentencing guidelines already do this, and it works terribly. The problem is not all crimes are created equally.

"Federal sentencing is generally based on intended or actual loss, whichever is greater. Further, the judge is allowed to take into account intended losses from his entire course of conduct, not just the intended losses from the specific counts on which he was found guilty."

Criminal A stole $50k from pensioners via confidence tricks. Criminal B was engaged in a complex structure to shelter income; it was eventually ruled illegal and he was found to have avoided $50m in taxes.

These are both financial crimes, but by your logic Criminal B has done something a THOUSAND times worse than Criminal A, and thus if Criminal B gets sentenced for 5 years (a not-uncommon sentence for people convicted of large scale tax fraud) then Criminal A gets locked up for 44 hours.

Conversely if Criminal A gets sentenced to 10 years (a not-atypical sentence for that sort of crime), Criminal B gets locked up for 10,000 years? Or in other words, life without parol; a sentence we don't always hand out to murderers and rapists. For what is very likely nothing more than disagreeing with the IRS about how exactly a loophole in a very arcane law actually works?

By any reasonable metric, Criminal A deserves the harsher penalty. The face value of the amounts tells you very little about actual harm, culpability, chance of re-offending, etc.

This feels like a sacrificial lamb, to distract from the upper-level executives who made orders of magnitude more.
I'm flabbergasted by how miniscule his investment was. 3500% return on $2k. Did he think it was too small to fly under the radar? Or is he small enough to prosecute?
This sounds like he was thrown under the bus, probably to distract the SEC from investigating the executives who allowed corrupt business practices to continue.
Who cares about this one lone guy and his punishment?

Why is Equifax still around.. we have no say or opt in system to allow them to use our personal data for their financial gain.

I didnt agree to this! Isn't there an Equifax competitor that lets you opt in and is all about security. If not one of their competitors needs to rebrand as such or such a competitor needs to enter the market and whoop their a#*!

That is assuming the market cares about opting in and security. Since their customer is a business that needs information on you and not you directly, I'd say it doesn't. The pressure to change will need to come from elsewhere.
Unfortunately, there's no business justification for any of them to do this. That is, the financial incentives just don't exist.

Until we decide we've had enough of this and pass a real law that holds CRAs liable for the data they collect and store, absolutely nothing will change. Equifax's competitors know that, with no such law on the books, they have enough money to withstand the very few lawsuits that could come their way as a result of a breach. They know the average person doesn't have the spare cash or time to pursue such a case.

Equifax should have been liquidated after demonstrating the degree of negligence they tolerated for years. They're still standing because we let them.

> Until we decide we've had enough of this and pass a real law that holds CRAs liable for the data they collect and store, absolutely nothing will change.

Correct. This is a problem caused by the market. Expecting market forces (a competitor with better offerings) to just fix it isn't productive.

Its not a free market if you cant opt-out of it.
A market's degree of freedom and your ability to not participate are orthogonal. There are plenty of markets you cannot pragmatically opt out of, e.g. food and real estate.
In the food and real estate market are there three companies that have formed an oligopoly on any transactions within the market?

I don't disagree that some goods are inelastic and still can have robust free markets (see bottled water) but the credit score market is not one of them.

I disagree with this interpretation. Nobody can force-feed you, and you have the capacity to make your own food given the extreme. Real estate you can divide in housing and land. Housing is a free market, you can make your own shelter if you wish. You would have a point for land, it is not a free market.
Does GDPR cover this?
You probably did opt in, many times. Pretty much every businesses that uses their data (like every credit card company) also agrees to send them data, and in turn require you to agree to allow them to send the data.

When you get a mortgage, you have to agree to send the data to equifax -- you can't get a mortgage without it.

So the only way we'll fix this is by getting all of those companies to agree not to send data to equifax, but they like sending data there, because they get even better data in return.

More like coerced in as—like you say—it's required to get a mortgage or for that matter buy any financial product.
It's not coercion since it's well within your rights to not borrow money or buy financial products if you don't like the terms. Neither of the things you mentioned are life requirements. If you want them because you think you'd enjoy them then you need to agree to the other parties' stipulations, and if not you can continue to live without them. The fact that people have offered these products to the market doesn't mean you are entitled to have them under your own terms.
The terms benefit the coercive institutions more than the end user. They protect the institutions while reducing their accountability to zero. Credit monitoring companies are mafia like rackets and your blind support of them is extremely concerning.
The institutions give you cheap loans in exchange. This has opportunity costs. Giving you cheap loans is not free for these institutions. They could be investing their money elsewhere instead. They would do so if it wasn’t for the fact that having this information about you reduces the risk just enough that they prefer giving you the cheap loans to investing their money elsewhere. People who are offered these terms are offered a fair deal that is a win for both parties and that they are offered a fair deal is exactly the reason they accept it.
Yes, terms authored by an entity are often more beneficial to that entity. That doesn't make them "coercive". Don't do business with them and you'll be fine. Credit monitoring companies are nothing like the mafia. They won't come break your legs if you don't play ball with them.

Of course you're concerned. People that can't or won't manage to be responsible for themselves are always concerned that others don't agree with them. It threatens to hamper that carefree way of life.

This is a disingenuous stance to take. You could hardly be employed, pay rent, buy food, and live a modern life in any sort of comfortable way with this perspective.
Live a modern life, comfortable by modern standards? You’re right about that. But people in the past lived in worse conditions that were considered modern and comfortable then and credit ratings, by making the market for loans more efficient than it was before (however bad it may still be, it’s better than what it replaced), contributed to the improvements. You want to have your cake and eat it too, and it would be nice if that was possible but it is not because nobody is going to give you cheap loans if it comes with too much risk.
> You want to have your cake and eat it too, and it would be nice if that was possible but it is not because nobody is going to give you cheap loans if it comes with too much risk.

OP is not saying that he doesn't want anyone performing credit checks. He's saying that he wants to be able to choose a company that values privacy. Currently, there's no option of choice for the consumer, and that's a problem.

If the bank loses too many customers because a competing bank is offering to use a better credit checking company, you can bet that they are gonna change.

Most people don't care enough, and only select on price. So the bank gets the cheapest option for nonvisible backends (like credit checks)

Lots of countries in Europe have nothing remotely resembling the US credit scoring system and people there obviously live comfortable, modern lives and have access to financial services.
So far, I have had a credit check done once. It was done by me voluntarily, to unlock additional functionality (receiving the purchase before the payment gets cleared), with my explicit consent ("checking your credit involves transmitting the following data to xyz") and had a link to a form I could use to request the data they had on me from the credit rating agency (via post). Very different experience from what it sounds like people in the US have.
Okay, so then don't "live a modern life in any sort of comfortable way". That's not some sort of requirement or need. You're free to not be employed and gather your own food if you don't want to come to agreements with other people.

What's disingenuous is trying to pass off "modern life" as some sort of necessity and pretending like you couldn't exist without demanding use of other peoples' works.

Not in the US. You can go off and try to start a hobby farm in state/national forests or a hidden corner of someone's 10,000 acre ranch, and you might even get away with it for a while, but you're not free to do it.
Correct, you're not allowed to trespass on other peoples' properties. If you want to farm or live off the land you need to first have value, then make money, then buy land. It's a pretty straightforward process. It does not require sending data to Equifax, so I'm not sure what your point is.
That's how it works in Economics for Kindergartners 101 or a world with about 100x fewer humans, yes.
Where's my 40 acres and a mule?
Only If you've never needed to borrow money or hold credit.
Nobody needs to do those things, they choose to do them.
Yes, absolutely. Credit reporting is a pillar of contemporary standards of living.
That really shouldn't be how opting in works.
So you'd rather have to sign and opt in for every sentence in the mortgage contract individually? This is among the reasons you should read a contract before you sign it
Honestly I would, because that would make the masses object more. People (utterly subjectively derived) don't want to sign up with 30 marketing companies to save 5% on a car. That would shift the demand curve and make it cost a seller a portion of their expected revenue to demand people wave away so many rights, and (having worked in the mobile game industry) people take this seriously... Adding a barrier between a customer and your product costs you sales, so the more we materialize these externalities are real costs to sellers the more we'll see people actually respecting privacy rights.
They'd just sign off on every line and then later say they had no choice because they couldn't enjoy the thing they wanted otherwise. Just like every other ToS. Probably using arguments like "who should be expected to read each clause?!".
People _hate_ time share hard sells, some people still do them and some people still get suckered in but if you're trying to sell a product and you take the time share hard sell approach you'll scare off customers, even if the product is deserving of their attention. The approach I mentioned might not be the right way, but (for the sake of the free market, why won't anyone thing of the poor free market) we, as a society, need to start pinning the costs of externalities to their benefactors. I think burdening them by removing transferable rights might be a good step in that direction.
There is no externality here because the costs fall entirely on the person who takes the decision. People, myself and quite possibly yourself included, really do want to sign up with 30 marketing companies to save 5% on a car.
If you don't want to read the contract, you can sign without reading.
Yes, that's why key provisions of a contract are often mandated by law to have dedicated signatures or initials.
If you have a bank account or credit card of any kind the sign up paperwork will include an opt in. Pretty much the only way to opt out would be to live a Unabomber lifestyle in a cabin in the forest of Montana.
The thing is, they need that data in order to do their business. Lenders need some way of predicting whether or not you will be able to pay back your loan
If this sort of financial rating system is so crucial, we should probably nationalize the industry and make sure your score doesn't include things like adjustments due to biases (racial or whatever). Also Equifax et al. get things wrong all the time, legion are the horror stories about people's history being merged with others.
Equifax has an incentive not to get things wrong because their customers care about having accurate information. Nationalizing credit ratings would remove this incentive. That Equifax still gets things wrong does not imply that things would not be even more wrong if it was nationalized.
If their customers aren't checking accuracy and complaining to Equifax (and they aren't), then the incentive has no effect.
The banks are their customers. And you can bet you bottom dollars the banks do care for accuracy.
The banks don't actually eat the risk of inaccurately offered loans, this is why the housing market collapsed (simplified). Most of the logical incentives in financial sectors have become corrupted by perverse incentives with securities trading.
Turning away good borrowers and extending credit to bad ones are both terrible for business if you’re a lender. That’s the incentive.
Opting in implies a choice.... often times the “choice” is “give up your personal information or you can’t get the service at all”, even if the service is, say, a water utility.

A large part of the problem is that companies can pretend to use the information as an ID when actually using it to just get credit history. I wish we could simply pass a law saying that identity verification cannot use SSN, and that one must separately opt in to credit checks than to id verification.

> service is, say, a water utility

If you need to pay using a credit card then it makes sense that you must get your credit checked.

But there are always alternative payment methods that don't involve credit (like pay by cash). If you truly do not want to consent to having a credit history, you can avoid it.

Yes, it’s not a default opt-in. In fact, many people are unbanked in the United States. You can also choose not to open a bank account as well.
The way utilities work is equivalent to a credit card: you use the service over the course of a month/year, then at the end you pay for what you used. This is a form of debt. If you could pay at the atart, this would be alleviated, but you don't know how much you will use at the start. I'm sure there are various other solutions, but none as simple as verfiying credit history, then waiting to charge until the end of the period.
A solution that is as simple: Pay a deposit.

If you don't pay the bill, they use your deposit and terminate your service.

My current ISP didn't even ask for a deposit. I just visited one of their storefronts so they could check my ID to verify my name.

In the past I was with an ISP that didn’t allow overages, so monthly bills were predictable. They required 1 months payment as a deposit up front and ran a credit check. The only alternative was dial up.

Just because someone isn’t giving you credit and never will doesn’t mean they won’t want your credit details. Nor that you will have leverage to refuse.

Credit check and deposit? Since they had no competitor, I guess they could get away with it.

Yes, some companies are rotten, but some do provide just as simple ways to get service without a credit check.

> but none as simple as verfiying credit history

Counterpoint, if sending data to credit companies is handled even close to the same way that requesting data is, they may not always ask your permission. If you freeze your credit, you'll quickly discover just how often companies check it without telling you. It's kind of startling.

A few companies will tell you in advance that they're going to run a background check, but many will not. Then they'll come back very huffy and complain, "why couldn't we access your credit!"

Also for a fun game, the next time a representative from a company asks for consent to run a background check, tell them your credit is frozen and ask which company (Equifax, Experian, etc...) they're going to check with so you can unfreeze it. In my experience, 9 out of 10 times they won't know and there will be no way for them to find out in advance.

In the same way, even if you're consenting for a company to send data to partners, you don't always get to know who those partners are or who they'll be in the future. I try to pay attention to data consent forms now. Sometimes they do boil down to just "we're gonna share your info with... somebody. Possibly multiple of them."

I might be wrong, but I would bet that the person who you sit down with to sign your loan or your mortgage will not know who your data is going to be shared with, and they probably won't be able to look it up if you ask.

But hey, at least Geico can send me physical mail advertising on my birthday now, so I guess it's all worth it.

Honestly, I get the value of lower prices and rates because of this too. Because we have processes for detecting and excluding irresponsible people, I don't have to fund as many bankruptcies. Modern credit systems are great.
If a competitor like that existed, there’d be no incentive to use them. Car dealers, banks, employers don’t care about your security, they care about your credit worthiness.
EU doesn't have that kind of problem since those companies don't exist there. I'm not sure why NA is different...
I'm in the UK and we certainly do have Experian, Equifax, and other credit reporting companies here.
I think it's a UK thing, never heard of that in the rest of Europe?
Not that I have any love for Equifax, but to play devil's advocate -

Trust forms the basis of all financial transactions. Credit ratings companies increase trust, reducing the price of these transactions. Removing these companies would increase the price of loans/credit cards/etc.

(This ignores the fact that, for example, lenders in Australia mostly ignore credit ratings and instead focus on your earnings)

Their core business is very legit and needed. Banks and lenders need to have a central system to see who pays back loans and who doesn't, so Equifax etc play a vital role. If you ask for a loan or a credit card, it's perfectly legitimate to ask you that your info in recorded somewhere (or else no loan).

The problem is that companies are as good as their last quarter, so over decades and tens of quarters they had to do a lot of shady stuff to increase their earnings.

This low level guy gets punished, but the C level executives who let the system get so shoddy it resulted in the massive breach, they get nothing but a slap on their wrists.
I haven’t looked in a while so please correct me if I am wrong. But wasn’t there a report that the CTO did the same thing but was cleared? This seems like a much lower level manager.
The global CIO resigned, but was never investigated or charged that I'm aware of. The CIO of the U.S. business unit was tapped to be the new global CIO, but he was fired for alleged insider trading, and then charged by the SEC.
How is it that one guy can be punished for insider trading, yet the executives responsible for exposing the business to one of the largest data breaches in history get off with just a slap on the wrist.

Ignorance or negligence behavior when it comes to implementing and maintaining cyber security controls over PPI is not good enough, and the culture needs to change.

I think the implicit cultural rule is, you can exploit anyone who stands lower on the society ladder, but you cannot cut into the profits of people more powerful. Thus insider trading is punished, breaching millions sensitive consumer records is not.

This is probably not going to change anytime soon, it goes much deeper than maintaining security.

> Bonthu sold the put options and netted more than $75,000, a return of more than 3,500 percent on his initial investment.

who doesn't love options am I right?

any other delta or gamma chasers here